“The malware being used has evolved significantly and the scope and scale of the attacks have grown proportionately,” said Steven Wilson, head of Europol’s EC3 cybercrime center
In the past, attacks against ATM machines mainly involved physical skimmers devices or malware inoculated through USB sticks or CDs in jackpotting attacks, but the current trend consists of targeting bank networks.
“The criminals have realized that not only can ATMs be physically attacked, but it is also very possible for these machines to be accessed through the network.
Once cybercriminals manage to install malware and get hold of the network, they can go ahead and steal cash from the machines.” states the report published by the Europol.
“Cybercriminals who compromise networks have the same end goal as those who carry out attacks via physical access: to dispense cash. However, instead of manually installing malware on ATMs through USB or CD, the criminals would not need to go to the machines anymore. They have standby money mules that would pick up the cash and go.”
Crooks use to target bank’s employees with spear phishing messages using malware that once executed allows attackers to compromise targeted networks.
Once inside the bank networks, the hackers gain control of the ATMs and instruct them to dispense the money in presence of the money mules.
“They have standby money mules that would pick up the cash and go.
It could be that these are regular criminal groups that already had access to the bank’s network and eventually realized that they could hop onto the ATM network.” continues the report.
“Europol warned that incidents of ATM targeting is likely to rise in the future.”
The Europol suggest the adoption of new measures to protect ATM networks.
“In the past, banks might have thought that network segregation was enough to keep their ATM networks safe from cyber crooks. This is no longer the case. Law enforcement agencies should be well-informed that criminals have ATMs firmly in their crosshairs, and financial organizations need to take more steps to secure their ATM installations by deploying more security layers.” continues the report.
In addition to a public report, Europol also provided a private report providing details to the financial institutions to improve the security of their ATM networks.